Can't Create Users or Groups - No Permissions

Started by mestafin, November 15, 2018, 02:57:00 PM

Previous topic - Next topic
Print
Go Down Pages1
User actions
November 15, 2018, 02:57:00 PM
I am running version 18.7.7 in HA cluster

We use the local database for authentication of users

When logged in as root on the primary fw, it is not possible to create a new User or a new User Group.

The error message is:

You do not have permission to perform this action.

What am I missing here?
November 16, 2018, 09:56:48 AM #1
Anybody with any help or advice?

Where can I search for log files or other help to debug this problem?
November 16, 2018, 01:18:58 PM #2
I think I have a bigger problem with the permissions.

When logged in as root,  I can create a Backup, but I can't restore a backup configuration

Any help on where to look?
November 16, 2018, 06:32:25 PM #3
Sure, this is a security fix of 18.7.7 in action:

https://github.com/opnsense/changelog/blob/master/doc/18.7/18.7.7#L5-L11

Your root user, for one reason or another, has the "deny-config-write" privilege which prevents you from doing these things.

If you have another admin, simply remove that from the root user or the offending group...


Cheers,
Franco
November 17, 2018, 10:09:25 AM #4
I don't have another admin user.

How and where do I remove the "deny-config-write" privilege to be able to add more users and user groups?
November 19, 2018, 06:32:24 PM #5
Gentlemen,

I desperately need to fix this issue to allow me to add users and user groups.

The suggested solution does not help me at all.

I have no idea where and how to remove the "deny-config-write" privilege.

Can someone please explain to me how to do this, given that I don't have another user with admin privileges?
November 20, 2018, 06:17:19 AM #6
Do you have SSH access?
Print
Go Up Pages1
User actions